InMotion Hosting Support Center

Defending against WordPress xmlrpc attacks

Category: Server Usage

n/a Points
2014-08-27 4:14 pm EST

Hits: 1,245
Hi I have my own sites as well as a lot of my clients' sites on inMotion and I'd like your opinion.
I have seen .htaccess rules protecting against xmlrpc attacks using...

Redirect 301 /xmlrpc.php

This reflects attacks back to the offender.
I've also seen...

<Files "xmlrpc.php">
Order allow,deny
Deny from all

Which will just plain deny access to the file.

Does inMotion have a preference? Is one easier on cpu bandwidth than the other?


You must login before you can ask a follow up question.

You must login before you can submit an answer.



11,186 Points
2014-08-27 5:15 pm EST
The solution is entirely up to you but in most cases. Personally, I recommend denying access to the file completely instead of the redirect but either way will be perfectly fine.

You must login before you can post a comment about this answer.

Would the redirect raise a flag with whoever is hosting the attacker?

I have a client (here on IM) that has been hit hard from an Amazon (AWS) IP address. It would be so cool to be able to use the attackers attacks against themselves.
39 Points
2014-08-27 5:37 pm EST
Hello Kdawes01,

It is possible, but the host would need to be aware of the issue. Many of the attacks are done through automation and use a variety of IP addresses, so it may not even look like an attack from those who monitor.

Arnel C.
42,973 Points
2014-08-27 5:45 pm EST
There should be a plugin for this also: Remove XMLRPC Pingback Ping
73 Points
2014-08-28 1:15 am EST
Revisiting this question... I've had a client (here on IM) that I've used the "deny" method and under an xmlrpc attack resource usage has still gone through the roof (over 2000% !!!) and brought the site to a crawl.
Would the redirect method (or some other method) use fewer resources?
39 Points
2014-11-07 2:09 pm EST

10,077 Points
2014-11-07 2:46 pm EST
Hello Kdawes01,

Using the .htaccess block would help lower the accounts resource usage. There are other things you can do as well. I would recommend your client to send an email to our support team and ask for an account review.

Kindest Regards,
TJ Edens

You must login before you can post a comment about this answer.

Like this Question?

Forum Login

You are NOT logged in. You can still browse our Support Center.

To participate within our Community Support Forum:

Need more Help?

Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail:
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!